Skip to content
View in the app

A better way to browse. Learn more.

Unraid

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

Wireguard limiting peers to Internet browsing only

Featured Replies

Hi. How could I create a Wireguard tunnel which will only allow peers to browse the Internet using my home IP address? I want to block complete access to my LAN and Unraid box.

 

I tried using the community VPN Manager interface with the firewall option to deny to my local LAN and tunnel IP address, but the peers can still access my Unraid server's file shares and HTTP management site.

 

Any tips? Thanks!

A wireguard tunnel terminates on your Unraid server, you can not deny peer access to your server, unless you use a different device (router) to terminate the WG tunnel.

 

The WG configuration has a limited firewall function to allow or deny access to other devices in your network. A simple solution would be to define your local network, e.g. 192.168.1.0/24 and deny access.

 

  • Author

I would expect that adding a combination of firewall rules it would be possible to prevent access to any services on the Unraid host and only allow forwarding to the Internet.

Edited by Geoffrey_Cleaves

The WG tunnel terminates internally to the system and bypasses the firewall (iptables) function.

 

  • 1 year later...
On 7/27/2020 at 11:41 AM, bonienl said:

The WG tunnel terminates internally to the system and bypasses the firewall (iptables) function.

 

 

Is this still the status? That is, no way to restrict the wireguard clients' access to Unraid server services / dockers via iptables?

Additionally, are you aware if there are any plans to enhance the Unraid wireguard firewall functionalities?

 

Thank you!

  • 1 year later...

Any updates on this?

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.